Bitcoin Forum

Bitcoin => Bitcoin Technical Support => Topic started by: Delarock on May 16, 2014, 12:40:36 AM



Title: Windows Defender detects DOS/Stoned in chainstate files
Post by: Delarock on May 16, 2014, 12:40:36 AM
I saw a couple threads about a similar issue. Is there anything specific I should do?

Running Windows 8. I keep getting alerts from Windows defender. The virus definitions were last updated this afternoon.


Title: Re: Windows Defender detects DOS/Stoned in chainstate files
Post by: dnaleor on May 16, 2014, 02:45:47 AM
I saw a couple threads about a similar issue. Is there anything specific I should do?

Running Windows 8. I keep getting alerts from Windows defender. The virus definitions were last updated this afternoon.

I got the same...

Should I just ignore it?
It closed my bitcoin core program.

Not willing to risk it to restart until I got confirmation

chainstate\142266.sst is the "infected" file


Title: Re: Windows Defender detects DOS/Stoned in chainstate files
Post by: grue on May 16, 2014, 03:22:39 AM
I saw a couple threads about a similar issue. Is there anything specific I should do?

Running Windows 8. I keep getting alerts from Windows defender. The virus definitions were last updated this afternoon.
protip: if you saw similar threads about the same issue, consider reading those threads for a solution.


Title: Re: Windows Defender detects DOS/Stoned in chainstate files
Post by: Delarock on May 16, 2014, 03:35:23 AM
Different operating system, different virus, different anti-virus.

Not the same issue. Similar issue.

Not trying to pick nits, but there's a level of specificity that you just don't take for granted with computers. Since I'm not an expert, I'm asking the experts here.

Why do you think I didn't read those threads? I did two searches, for the virus name and for the error code. I gleaned what I could from them and I'm asking again to be sure.


Title: Re: Windows Defender detects DOS/Stoned in chainstate files
Post by: VinCeCream on May 16, 2014, 09:07:59 AM
I think somebody introduced a virus code in the blockchain ..

But I'm not sure if it is possible ?


Title: Re: Windows Defender detects DOS/Stoned in chainstate files
Post by: shorena on May 16, 2014, 09:43:10 AM
I think somebody introduced a virus code in the blockchain ..

But I'm not sure if it is possible ?

It's possible and it has been done. In fact it already has been done a long time ago in the testnet.
See here https://bitcointalk.org/index.php?topic=554738.0
where one of the devs talks about it. This also links to a Swedish board where this is discussed.

Also here:
https://bitcointalk.org/index.php?topic=470326.0

Also getting a positive for Virus:DOS/Stoned, but in Bitcoin\chainstate\285512.sst, from Microsoft Security Essentials.

Running Windows 7.

I believe I've also seen threads about this before, trying to dig up the relevant information...


There have been similar posts here:

https://bitcointalk.org/index.php?topic=558919.0
https://bitcointalk.org/index.php?topic=559365.0
https://bitcointalk.org/index.php?topic=560070.0
even from 2011:
https://bitcointalk.org/index.php?topic=43803.0
https://bitcointalk.org/index.php?topic=43752.0
https://bitcointalk.org/index.php?topic=43741.0
https://bitcointalk.org/index.php?topic=23465.0

Maybe this should be in some sort of sticky or this will pop up again and again.
well... it probably will anyway.


Title: Re: Windows Defender detects DOS/Stoned in chainstate files
Post by: Delarock on May 16, 2014, 01:39:13 PM
So this is a false positive detection and the only work around is to exclude the \chainstate folder from virus scan?

Doesn't this seem like it creates a vulnerability?


Title: Re: Windows Defender detects DOS/Stoned in chainstate files
Post by: dnaleor on May 16, 2014, 02:24:26 PM
so we are safe?


Title: Re: Windows Defender detects DOS/Stoned in chainstate files
Post by: shorena on May 16, 2014, 02:38:13 PM
So this is a false positive detection and the only work around is to exclude the \chainstate folder from virus scan?

Doesn't this seem like it creates a vulnerability?


I doubt it would, as the data there should not get executed. Also, the data just matches the signature of a virus; that's not the same as the actual virus.
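
An added example, not part of the original thread, illustrating the point in the post above: a content scanner flags any file that contains a known byte pattern, whether or not the file is something the machine would ever execute. The pattern below is a constructed placeholder (not the real DOS/Stoned signature), and the file names and contents are constructed stand-ins; the real .sst layout is not modelled.

```python
import os
import tempfile

# Constructed placeholder pattern; NOT the real DOS/Stoned signature.
SIGNATURE = bytes.fromhex("deadbeef00c0ffee1234")

def classify(data):
    """Rough container type from magic bytes (illustrative, not exhaustive)."""
    if data[:2] == b"MZ":
        return "pe-executable"
    if len(data) == 512 and data[510:512] == b"\x55\xaa":
        return "boot-sector"
    return "data"

def scan(path):
    """Naive content scan: reports a hit if SIGNATURE occurs at any offset."""
    with open(path, "rb") as f:
        data = f.read()
    offset = data.find(SIGNATURE)
    if offset < 0:
        return None
    kind = classify(data)
    # A hit inside a plain data container is bytes at rest, not code in a
    # form the OS or firmware would load and run.
    return {"file": os.path.basename(path), "offset": offset,
            "kind": kind, "runnable_as_is": kind != "data"}

def demo():
    """Build two constructed files carrying the same pattern and scan both."""
    hits = []
    with tempfile.TemporaryDirectory() as d:
        # Stand-in for a chainstate table: stored record bytes that happen
        # to include the pattern (e.g. data someone put in a transaction).
        sst = os.path.join(d, "000001.sst")
        with open(sst, "wb") as f:
            f.write(b"key1\x00" + bytes(range(64)) + SIGNATURE + bytes(range(64)))
        # Stand-in for a 512-byte boot sector carrying the same pattern.
        boot = os.path.join(d, "sector0.bin")
        with open(boot, "wb") as f:
            f.write((b"\xeb\x3c\x90" + SIGNATURE).ljust(510, b"\x00") + b"\x55\xaa")
        for path in (sst, boot):
            hit = scan(path)
            if hit:
                hits.append(hit)
    return hits

if __name__ == "__main__":
    for h in demo():
        print(h)
```

Both files produce a hit, but only the boot-sector stand-in is in a container that could be run as-is; the hit in the .sst stand-in is the false-positive case the thread describes.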


Title: Re: Windows Defender detects DOS/Stoned in chainstate files
Post by: Delarock on May 16, 2014, 02:59:41 PM
I doubt it would, as the data there should not get executed. Also, the data just matches the signature of a virus; that's not the same as the actual virus.

I understand the second part, thanks for the clarification.

Maybe it's the paranoid part of me, but I can't help but feel that the type of action that we have to take to "fix" this is exactly the type of action that could be exploited down the line, especially because the folder that everyone has to ignore is in the same place. Even if the data cannot get executed, it still causes a security weakness.

It's like the boy who cried wolf.


Title: Re: Windows Defender detects DOS/Stoned in chainstate files
Post by: lubah on May 16, 2014, 05:58:23 PM
same shit here:   I get this -

https://i.imgur.com/1KKS6A0.jpg?1

Apparently the fix is you have to exclude the C:/Users/yourusername/AppData/Roaming/Bitcoin directory from Windows Defender

I blew away the entire directory just to be safe and am working off a backup wallet -- only 153 weeks behind now :-(

toolie fucking kids gotta fuck around...



Title: Re: Windows Defender detects DOS/Stoned in chainstate files
Post by: lateblooming on May 17, 2014, 01:24:03 AM
https://answers.microsoft.com/en-us/protect/forum/mse-protect_updating/microsoft-security-essentials-reporting-false/0240ed8e-5a27-4843-a939-0279c8110e1c?tm=1400189799602


Title: Re: Windows Defender detects DOS/Stoned in chainstate files
Post by: amacar on October 11, 2014, 09:15:04 AM
I got this virus message today, blockchain was up to date, so it is not the same old message. Anyone else got it? Is it safe to make exception in antivirus?

https://i.imgur.com/0QWdKkS.png